<?php require_once("conn.php");
      require_once("GetSQLValueString.php");?>
<?php
	  session_start();
	  if(!(isset($_SESSION['MM_Username']))){
		header("Location: index.php");
	 }

	  mysql_select_db($dataname,$conn);
	  $query_rs_types = "select * from types order by type_id ASC";
	  mysql_query("set names 'gbk'");
	  $rs_types = mysql_query($query_rs_types,$conn) or die(mysql_error());
	  $row_rs_types = mysql_fetch_assoc($rs_types);

	  $query_rs_config = "select * from config";
	  $rs_config = mysql_query($query_rs_config,$conn) or die(mysql_error());
	  $row_rs_config = mysql_fetch_assoc($rs_config);

	  if((isset($_POST['MM_insert'])) && ($_POST['MM_insert']=='form1')){
	  	$insertSQL = sprintf("insert into articles (title,author,content,type_id,checked,
		  last_update_id) values (%s,%s,%s,%s,1,%s)",
		  GetSQLValueString($_POST['title'],"text"),
		  GetSQLValueString($_SESSION['MM_Username'],"text"),
		  GetSQLValueString($_POST['content'],"text"),
		  GetSQLValueString($_POST['type_id'],"int"),
		  GetSQLValueString($_SESSION['MM_Username'],"text"));
	    mysql_select_db($dataname,$conn);
	    $Result1 = mysql_query($insertSQL,$conn) or die(mysql_error());
	    echo "<script>alert('添加文章成功');</script>";
	    }

		include('templates/tadmin_addnew.php');
		mysql_free_result($rs_types);
		mysql_free_result($rs_config);
?>
